CLAMP - Control Loop Automation Management Platform

Clamp in ONAP Architecture

CLAMP is a platform for designing and managing control loops. It is used to visualize a control loop, configure it with specific parameters for a particular network service, then deploying and undeploying it. Once deployed, the user can also update the loop with new parameters during runtime, as well as suspending and restarting it.

It interacts with other systems to deploy and execute the control loop. For example, it extracts the control loop blueprint and Policy Model(Model Driven Control Loop) from CSAR distributed by SDC/DCAE-DS. It requests from DCAE the instantiation of microservices to manage the control loop flow. Furthermore, it creates and updates multiple policies (for DCAE mS configuration and actual Control Operations) in the Policy Engine that define the closed loop flow.


The ONAP CLAMP platform abstracts the details of these systems under the concept of a control loop model. The design of a control loop and its management is represented by a workflow in which all relevant system interactions take place. This is essential for a self-service model of creating and managing control loops, where no low-level user interaction with other components is required.

CLAMP also allows to visualize control loop metrics through a dashboard, in order to help operations understand how and when a control loop is triggered and takes action.


At a higher level, CLAMP is about supporting and managing the broad operational life cycle of VNFs/VMs and ultimately ONAP components itself. It will offer the ability to design, test, deploy and update control loop automation - both closed and open. Automating these functions would represent a significant saving on operational costs compared to traditional methods.


Offered APIs

The list of APIs that CLAMP has offered could be find in the following table:

swagger-icon html-icon pdf-icon
swagger json file html doc pdf doc
link link link

Consumed APIs

CLAMP uses the API’s exposed by the following ONAP components:

  • SDC : REST based interface exposed by the SDC, Distribution of service to DCAE
  • DCAE: REST based interface exposed by DCAE, Common Controller Framework, DCAE microservices onboarded (TCA, Stringmatch, Holmes (optional))
  • Policy: REST based interface, Policy engine target both XACML and Drools PDP, Policy Engine trigger operations to App-C/VF-C/SDN-C
  • CDS: REST based interface, to retrieve list of operations/actions with their corresponding payload at runtime for Operational Policies where the field ‘actor’ is ‘CDS’.


CLAMP component is composed of a UI layer and a backend layer and packaged into a single container (single jar). CLAMP also requires a database instance with 1 DB, it uses MariaDB. CLAMP also uses an ELK stack (Elastic Search, Logstash and Kibana) for the Dashboard.

Logging & Diagnostic Information

CLAMP uses logback framework to generate logs. The logback.xml file can be found under the [src/main/resources/ folder](src/main/resources).

With the default log settings, all logs will be generated into console and into root.log file under the CLAMP root folder. The root.log file is not allowed to be appended, thus restarting the CLAMP will result in cleaning of the old log files.


A [docker-compose example file](extra/docker/clamp/docker-compose.yml) can be found under the [extra/docker/clamp/ folder](extra/docker/).

Once the image has been built and is available locally, you can use the docker-compose up command to deploy a pre-populated database and a CLAMP instance available on [https://localhost:3000](https://localhost:3000).


Currently, the CLAMP docker image can be deployed with small configuration needs. Though, you might need to make small adjustments to the configuration. As CLAMP is spring based, you can use the SPRING_APPLICATION_JSON environment variable to update its parameters.

There are one datasource for Clamp. By default, it will try to connect to the localhost server using the credentials available in the example SQL files. If you need to change the default database host and/or credentials, you can do it by using the following json as SPRING_APPLICATION_JSON environment variable :

    "spring.datasource.cldsdb.url": "jdbc:mariadb:sequential://clampdb.{{ include "common.namespace" . }}:3306/cldsdb4?autoReconnect=true&connectTimeout=10000&socketTimeout=10000&retriesAllDown=3",
    "clamp.config.files.sdcController": "file:/opt/clamp/sdc-controllers-config.json",
    "clamp.config.dcae.inventory.url": "https://inventory.{{ include "common.namespace" . }}:8080",
    "clamp.config.dcae.dispatcher.url": "https4://deployment-handler.{{ include "common.namespace" . }}:8443",
    "clamp.config.dcae.deployment.url": "https4://deployment-handler.{{ include "common.namespace" . }}:8443",
    "clamp.config.dcae.deployment.userName": "none",
    "clamp.config.dcae.deployment.password": "none",
    "clamp.config.policy.api.url": "https4://policy-api.{{ include "common.namespace" . }}:6969",
    "clamp.config.policy.api.userName": "healthcheck",
    "clamp.config.policy.api.password": "zb!XztG34",
    "clamp.config.policy.pap.url": "https4://policy-pap.{{ include "common.namespace" . }}:6969",
    "clamp.config.policy.pap.userName": "healthcheck",
    "clamp.config.policy.pap.password": "zb!XztG34",
    "clamp.config.cadi.aafLocateUrl": "https://aaf-locate.{{ include "common.namespace" . }}:8095",
    "com.att.eelf.logging.path": "/opt/clamp",
    "com.att.eelf.logging.file": "logback.xml"

SDC-Controllers config

This file is a JSON that must be specified to Spring config, here is an example:

       "user": "clamp",
       "consumerGroup": "consumerGroup1",
       "consumerId": "consumerId1",
       "environmentName": "AUTO",
       "sdcAddress": "localhost:8443",
       "password": "b7acccda32b98c5bb7acccda32b98c5b05D511BD6D93626E90D18E9D24D9B78CD34C7EE8012F0A189A28763E82271E50A5D4EC10C7D93E06E0A2D27CAE66B981",
       "user": "clamp",
       "consumerGroup": "consumerGroup1",
       "consumerId": "consumerId1",
       "environmentName": "AUTO",
       "sdcAddress": "localhost:8443",
       "password": "b7acccda32b98c5bb7acccda32b98c5b05D511BD6D93626E90D18E9D24D9B78CD34C7EE8012F0A189A28763E82271E50A5D4EC10C7D93E06E0A2D27CAE66B981",

Multiple controllers can be configured so that Clamp is able to receive the notifications from different SDC servers. Each Clamp existing in a cluster should have different consumerGroup and consumerId so that they can each consume the SDC notification. The environmentName is normally the Dmaap Topic used by SDC. If the sdcAddress is not specified or not available (connection failure) the messageBusAddresses will be used (Dmaap servers)


A user can access CLAMP UI at the following URL : https://localhost:3000. (in this URL ‘localhost’ must be replaced by the actual host where CLAMP has been installed if it is not your current localhost) For OOM, the URL is https://<host-ip>:30258

- Without AAF, the credentials are
  Default username : admin
  Default password : password

- With AAF enabled, the certificate p12 must be added to the browser
  ca path: src/main/resources/clds/aaf/org.onap.clamp.p12, password "China in the Spring"
  Or get it from this page :

A user can access the Control-Loop DashBoard (ELK stack based) at the following URL : https://localhost:5601 . (in this URL ‘localhost’ must be replaced by the actual host where CLAMP has been installed if it is not your current localhost) For OOM, the URL is https://<host-ip>:30290. Since El Alto release, User access is protected using the Search Guard plugin, community Edition!, for Kibana and ElasticSearch. The initial users and credentials provided by the Search Guard plugins are used by default. (take a look at the files in the ElasticSearch docker image located in the folder: /usr/share/elasticsearch/config/sg/, especially the file “sg_internal_users.yml”).

Human Interfaces

User Interface (CLAMP Designer) - serve to configure control loop CLAMP UI is used to configure the Control Loop designed and distributed by SDC. From that UI it’s possible to distribute the configuration policies and control the life-cycle of the DCAE Micro Services.

The following actions are done using the UI:

  • Design a control loop flow by selecting a predefined template from a list (a template is an orchestration chain of Micro-services, so the template defines how the micro-services of the control loop are chained together)
  • Give value to the configuration the parameters of each micro-service of the control loop
  • Select the service and VNF(of that service) to which the control loop will be attached
  • Configure the operational policy(the actual operation resulting from the control loop)
  • Send the “TOSCA” blueprint parameters that will be used by DCAE to start the control loop (The blueprint will be sent first to SDC and SDC will publish it to DCAE)
  • Trigger the deployment of the Control loop in DCAE
  • Control (start/stop) the operation of the control loop in DCAE

HealthCheck API - serve to verify CLAMP status (see offered API’s section) * https://<host-ip>:8443/restservices/clds/v1/healthcheck This one does not require the certificate

Walk-through can be found here: